SSL Certificate Analysis for webmaster.reconcustom.info - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=shababunity.net

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

April 18, 2026

Valid Until

July 17, 2026 73 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

AE:B4:28:E7:67:BA:00:B7:DD:A1:5B:1B:00:AB:6D:9E:51:C2:C3:69:68:D0:2A:47:D7:C1:5A:30:D5:C7:EE:61

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

reconcustom.info *.reconcustom.info *.api.reconcustom.info *.app.reconcustom.info *.b70bab17-5d49-4c56-994c-61f99544382a.reconcustom.info *.ch.reconcustom.info *.development.reconcustom.info *.mx1.reconcustom.info *.test.reconcustom.info

Other domains in certificate

askmature.com *.askmature.com *.docs.askmature.com *.mx2.askmature.com *.y6g.askmature.com

colorcombo.com *.colorcombo.com *.ww17.colorcombo.com

*.admin.ercari.com *.ccpartner.ercari.com *.dash.ercari.com *.ebay.ercari.com ercari.com *.ercari.com *.jp.ercari.com *.m.ercari.com *.mercari.ercari.com *.p.ercari.com *.partner.ercari.com *.rb.ercari.com *.tw.ercari.com *.ww38.ercari.com

kaylynskitchen.com *.kaylynskitchen.com *.random.kaylynskitchen.com *.ww25.kaylynskitchen.com

kponomarenqo.online *.kponomarenqo.online

lasikpages.com.au *.lasikpages.com.au *.wildcard.lasikpages.com.au

mzga.com *.mzga.com

ozmag.com.au *.ozmag.com.au

paarfotos.de *.paarfotos.de

*.mail.portchesterschool.org *.mail10.portchesterschool.org *.ol.portchesterschool.org portchesterschool.org *.portchesterschool.org *.tae.portchesterschool.org *.ww1.portchesterschool.org *.ww38.portchesterschool.org

salvagemarine.com *.salvagemarine.com

scorecrdrewards.com *.scorecrdrewards.com *.wildcard.scorecrdrewards.com *.ww38.scorecrdrewards.com

*.comune.secse.com *.m.secse.com secse.com *.secse.com *.smtps.secse.com *.ww16.secse.com

*.m.shababunity.net *.school.shababunity.net *.score.shababunity.net *.server.shababunity.net shababunity.net *.shababunity.net *.ww38.shababunity.net

*.admin.studentzone.it *.analytic.studentzone.it *.backend.studentzone.it *.dash.studentzone.it *.redash.studentzone.it studentzone.it *.studentzone.it *.superset.studentzone.it *.supersets.studentzone.it

super-queen.biz *.super-queen.biz *.ww38.super-queen.biz

*.mem.winstar828.com *.member.winstar828.com *.wildcard.winstar828.com winstar828.com *.winstar828.com